Risky Business #392 -- A look at Silverpush with Kevin Finisterre

PLUS: Details of the Risky Business partnership with PacketPushers...
03 Dec 2015 » Risky Business

On this week's show we're chatting with Kevin Finisterre about Silverpush -- the creepy ultrasonic audio-beaconing technology used by advertising companies that was in the press a couple of weeks ago. Kevin was all over it and he joins me to discuss the growing overlap between the techniques used by marketers and blackhats.

This week's show is brought to you by Bugcrowd, big thanks to them. In this week's sponsor interview Bugcrowd CEO Casey Ellis joins us to discuss more on bug economics -- how do you price bugs? How do you determine bounty pools? It's not as simple as saying, well, XXE's are worth $500 each and XSS $200. The dynamics here are actually a little more complex than that.

Adam Boileau, as always, joins the show to discuss the week's news headlines.

Don't forget you can now support the Risky Business page via our Patreon campaign.

Oh, and do add Patrick and Adam on Twitter if that's your thing.

Show notes

Hacker Obtained Children's Headshots and Chatlogs From Toymaker VTech | Motherboard

When children are breached-inside the massive VTech hack | Ars Technica

Adobe sounds death knell for Flash - Software - iTnews

China blamed for 'massive' cyber attack on Bureau of Meteorology supercomputer - ABC News (Australian Broadcasting Corporation)

CNN investigates: How Corporate America keeps huge hacks secret - Nov. 30, 2015

DHS Giving Firms Free Penetration Tests - Krebs on Security

DHS to Silicon Valley: Tell us how to secure this "Internet of Things" | Ars Technica

Hey Reader's Digest: Your site has been attacking visitors for days | Ars Technica

China APT Gang Targets Hong Kong Media via Dropbox | Threatpost | The first stop for security news

BlackBerry to bug out of Pakistan by end of year \u2022 The Register


Advantech EKI Vulnerable to Shellshock, Heartbleed | Threatpost | The first stop for security news

Google Plans to End Chrome for 32-bit Linux, Releases Chrome 47 | Threatpost | The first stop for security news

Microsoft Revoves Trust for eDellroot Certficates | Threatpost | The first stop for security news

Lord Echo - Thinking of you - YouTube

Meet The 'Ultrasonic' Tracking Company Privacy Activists Are Terrified Of - Forbes